2 * Dumping of LE binaries
4 * Copyright 2004 Robert Reif
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
33 unsigned int o32_size
;
34 unsigned int o32_base
;
35 unsigned int o32_flags
;
36 unsigned int o32_pagemap
;
37 unsigned int o32_mapsize
;
43 unsigned short o32_pagedataoffset
;
44 unsigned char o32_pagesize
;
45 unsigned char o32_pageflags
;
50 unsigned char b32_cnt
;
51 unsigned char b32_type
;
57 unsigned short sdk_version
;
58 unsigned short device_number
;
59 unsigned char version_major
;
60 unsigned char version_minor
;
63 unsigned int init_order
;
64 unsigned int ctrl_ofs
;
65 unsigned int v86_ctrl_ofs
;
66 unsigned int pm_ctrl_ofs
;
67 unsigned int v86_ctrl_csip
;
68 unsigned int pm_ctrl_csip
;
69 unsigned int rm_ref_data
;
70 unsigned int service_table_ofs
;
71 unsigned int service_table_size
;
72 unsigned int win32_service_table_ofs
;
75 unsigned int reserved0
;
76 unsigned int reserved1
;
77 unsigned int reserved2
;
/* Assemble a 16-bit value from two consecutive bytes stored low byte first.
 * The caller must guarantee that ptr[0] and ptr[1] are both readable; no
 * bounds checking happens here. */
static inline WORD get_word( const BYTE *ptr )
{
    const WORD low  = ptr[0];
    const WORD high = ptr[1];

    return low | (high << 8);
}
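/*
 * Print every field of the LE/VxD file header.
 *
 * le must point at a complete IMAGE_VXD_HEADER; this function only reads
 * header fields and prints them, it never follows the offsets they contain.
 * All values come from the file being dumped and are printed as-is.
 *
 * Unsigned fields are printed with %u (the listing used %d on UINT values,
 * which shows large values as negative numbers), and the byte/word order
 * label is spelled "little-endian".
 */
static void dump_le_header( const IMAGE_VXD_HEADER *le )
{
    printf( "File header:\n" );
    printf( " Magic: %04x (%c%c)\n",
            le->e32_magic, LOBYTE(le->e32_magic), HIBYTE(le->e32_magic));
    printf( " Byte order: %s\n",
            le->e32_border == 0 ? "little-endian" : "big-endian");
    printf( " Word order: %s\n",
            le->e32_worder == 0 ? "little-endian" : "big-endian");
    printf( " Executable format level: %u\n", (UINT)le->e32_level);
    /* NOTE(review): the final alternative of the two name chains below is not
     * visible in this listing; "Unknown" is a stand-in to be confirmed. */
    printf( " CPU type: %s\n",
            le->e32_cpu == 0x01 ? "Intel 80286" :
            le->e32_cpu == 0x02 ? "Intel 80386" :
            le->e32_cpu == 0x03 ? "Intel 80486" :
            le->e32_cpu == 0x04 ? "Intel 80586" :
            le->e32_cpu == 0x20 ? "Intel i860 (N10)" :
            le->e32_cpu == 0x21 ? "Intel i860 (N11)" :
            le->e32_cpu == 0x40 ? "MIPS Mark I" :
            le->e32_cpu == 0x41 ? "MIPS Mark II" :
            le->e32_cpu == 0x42 ? "MIPS Mark III" :
            "Unknown");
    printf( " Target operating system: %s\n",
            le->e32_os == 0x01 ? "OS/2" :
            le->e32_os == 0x02 ? "Windows" :
            le->e32_os == 0x03 ? "DOS 4.x" :
            le->e32_os == 0x04 ? "Windows 386" :
            "Unknown");
    printf( " Module version: %u\n", (UINT)le->e32_ver);
    printf( " Module type flags: %08x\n", (UINT)le->e32_mflags);
    /* NOTE(review): the braces of this block are not visible in the listing;
     * the nesting is reconstructed from its line numbering -- confirm. */
    if (le->e32_mflags & 0x8000)
    {
        if (le->e32_mflags & 0x0004)
            printf( " Global initialization\n");
        else
            printf( " Per-Process initialization\n");
        if (le->e32_mflags & 0x0010)
            printf( " No internal fixup\n");
        if (le->e32_mflags & 0x0020)
            printf( " No external fixup\n");
        /* bits 8-10 form one field selecting the PM windowing mode */
        if ((le->e32_mflags & 0x0700) == 0x0100)
            printf( " Incompatible with PM windowing\n");
        else if ((le->e32_mflags & 0x0700) == 0x0200)
            printf( " Compatible with PM windowing\n");
        else if ((le->e32_mflags & 0x0700) == 0x0300)
            printf( " Uses PM windowing API\n");
        if (le->e32_mflags & 0x2000)
            printf( " Module not loadable\n");
        if (le->e32_mflags & 0x8000)
            printf( " Module is DLL\n");
    }
    printf( " Number of memory pages: %u\n", (UINT)le->e32_mpages);
    printf( " Initial object CS number: %08x\n", (UINT)le->e32_startobj);
    printf( " Initial EIP: %08x\n", (UINT)le->e32_eip);
    printf( " Initial object SS number: %08x\n", (UINT)le->e32_stackobj);
    printf( " Initial ESP: %08x\n", (UINT)le->e32_esp);
    printf( " Memory page size: %u\n", (UINT)le->e32_pagesize);
    printf( " Bytes on last page: %u\n", (UINT)le->e32_lastpagesize);
    printf( " Fix-up section size: %u\n", (UINT)le->e32_fixupsize);
    printf( " Fix-up section checksum: %08x\n", (UINT)le->e32_fixupsum);
    printf( " Loader section size: %u\n", (UINT)le->e32_ldrsize);
    printf( " Loader section checksum: %08x\n", (UINT)le->e32_ldrsum);
    printf( " Offset of object table: %08x\n", (UINT)le->e32_objtab);
    printf( " Object table entries: %u\n", (UINT)le->e32_objcnt);
    printf( " Object page map offset: %08x\n", (UINT)le->e32_objmap);
    printf( " Object iterate data map offset: %08x\n", (UINT)le->e32_itermap);
    printf( " Resource table offset: %08x\n", (UINT)le->e32_rsrctab);
    printf( " Resource table entries: %u\n", (UINT)le->e32_rsrccnt);
    printf( " Resident names table offset: %08x\n", (UINT)le->e32_restab);
    printf( " Entry table offset: %08x\n", (UINT)le->e32_enttab);
    printf( " Module directives table offset: %08x\n", (UINT)le->e32_dirtab);
    printf( " Module directives entries: %u\n", (UINT)le->e32_dircnt);
    printf( " Fix-up page table offset: %08x\n", (UINT)le->e32_fpagetab);
    printf( " Fix-up record table offset: %08x\n", (UINT)le->e32_frectab);
    printf( " Imported modules name table offset: %08x\n", (UINT)le->e32_impmod);
    printf( " Imported modules count: %u\n", (UINT)le->e32_impmodcnt);
    printf( " Imported procedure name table offset: %08x\n", (UINT)le->e32_impproc);
    printf( " Per-page checksum table offset: %08x\n", (UINT)le->e32_pagesum);
    printf( " Data pages offset from top of table: %08x\n", (UINT)le->e32_datapage);
    printf( " Preload page count: %08x\n", (UINT)le->e32_preload);
    printf( " Non-resident names table offset: %08x\n", (UINT)le->e32_nrestab);
    printf( " Non-resident names table length: %u\n", (UINT)le->e32_cbnrestab);
    printf( " Non-resident names table checksum: %08x\n", (UINT)le->e32_nressum);
    printf( " Automatic data object: %08x\n", (UINT)le->e32_autodata);
    printf( " Debug information offset: %08x\n", (UINT)le->e32_debuginfo);
    printf( " Debug information length: %u\n", (UINT)le->e32_debuglen);
    printf( " Preload instance pages number: %u\n", (UINT)le->e32_instpreload);
    printf( " Demand instance pages number: %u\n", (UINT)le->e32_instdemand);
    printf( " Extra heap allocation: %u\n", (UINT)le->e32_heapsize);
    printf( " VxD resource table offset: %08x\n", (UINT)le->e32_winresoff);
    printf( " Size of VxD resource table: %u\n", (UINT)le->e32_winreslen);
    printf( " VxD identifier: %x\n", (UINT)le->e32_devid);
    printf( " VxD DDK version: %x\n", (UINT)le->e32_ddkver);
}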
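/*
 * Print the LE object table and, for every object, its page-map entries.
 *
 * le points at the LE header inside the mapped file.  e32_objtab and
 * e32_objmap are offsets relative to that header, and together with
 * e32_objcnt and every o32_* field they are read straight from the file
 * being dumped.  A malformed or hostile file can therefore name any offset
 * or count, so each table entry is fetched through PRD() and the walk stops
 * at the first entry that does not lie inside the file, instead of reading
 * through a pointer computed from unchecked values.
 */
static void dump_le_objects( const IMAGE_VXD_HEADER *le )
{
    /* PRD(0, 0) is the start of the mapped file; the distance from it to le
     * is the header's file offset, which turns header-relative offsets into
     * file offsets PRD() can check.
     * NOTE(review): PRD() is relied on to return NULL for a range outside
     * the file -- confirm against its definition. */
    const unsigned char *file_base = PRD(0, 0);
    unsigned long le_ofs;
    unsigned int i;

    printf("\nObject table:\n");
    if (!file_base) return;
    le_ofs = (unsigned long)((const unsigned char *)le - file_base);

    /* NOTE(review): where unsigned long is 32 bits wide the offset sums
     * below can wrap before PRD() sees them; widen the arithmetic or check
     * for wrap if such targets matter. */
    for (i = 0; i < le->e32_objcnt; i++)
    {
        const struct o32_obj *pobj;
        unsigned int j;

        pobj = PRD(le_ofs + le->e32_objtab + (unsigned long)i * sizeof(*pobj),
                   sizeof(*pobj));
        if (!pobj)
        {
            printf(" <object table entry %u lies outside the file>\n", i + 1);
            break;
        }

        printf(" Obj. Rel.Base Codesize Flags Tableidx Tablesize Name\n");
        printf(" %04X %08x %08x %08x %08x %08x ", i + 1,
               pobj->o32_base, pobj->o32_size, pobj->o32_flags,
               pobj->o32_pagemap, pobj->o32_mapsize);
        for (j = 0; j < 4; j++)
        {
            /* isprint() is only defined for unsigned char values and EOF */
            const unsigned char ch = (unsigned char)pobj->o32_name[j];

            if (isprint(ch))
                printf("%c", ch);
            else
                /* NOTE(review): the placeholder for non-printable bytes is
                 * not visible in this listing; "." is a stand-in. */
                printf(".");
        }
        printf("\n");

        if(pobj->o32_flags & 0x0001)
            printf("\tReadable\n");
        if(pobj->o32_flags & 0x0002)
            printf("\tWritable\n");
        if(pobj->o32_flags & 0x0004)
            printf("\tExecutable\n");
        if(pobj->o32_flags & 0x0008)
            printf("\tResource\n");
        if(pobj->o32_flags & 0x0010)
            printf("\tDiscardable\n");
        if(pobj->o32_flags & 0x0020)
            printf("\tShared\n");
        if(pobj->o32_flags & 0x0040)
            printf("\tPreloaded\n");
        if(pobj->o32_flags & 0x0080)
            printf("\tInvalid\n");
        if(pobj->o32_flags & 0x2000)
            printf("\tUse 32\n");

        printf(" Page tables:\n");
        printf(" Tableidx Offset Flags\n");
        if (pobj->o32_mapsize && !pobj->o32_pagemap)
        {
            /* o32_pagemap is used as a 1-based index (entry = index - 1);
             * 0 would address the slot before the page map */
            printf(" <invalid page map index 0>\n");
            continue;
        }
        for (j = 0; j < pobj->o32_mapsize; j++)
        {
            const struct o32_map *pmap;

            pmap = PRD(le_ofs + le->e32_objmap +
                       ((unsigned long)pobj->o32_pagemap - 1 + j) * sizeof(*pmap),
                       sizeof(*pmap));
            if (!pmap)
            {
                printf(" <page map entry %08x lies outside the file>\n",
                       pobj->o32_pagemap + j);
                break;
            }
            printf(" %08x %06x %02x\n",
                   pobj->o32_pagemap + j,
                   (pmap->o32_pagedataoffset << 8) + pmap->o32_pagesize,
                   (int)pmap->o32_pageflags);
        }
    }
}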
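/*
 * Print one LE name table that starts at file offset ofs and is at most len
 * bytes long.
 *
 * Each entry is a length byte, that many name bytes, and a 16-bit value
 * printed in front of the name; a zero length byte ends the table.  The
 * length bytes come from the file being dumped, so every entry is validated
 * with PRD() before any of its bytes are read.
 * NOTE(review): PRD() is relied on to return NULL for a range outside the
 * file -- confirm against its definition.
 */
static void dump_le_name_table( unsigned long ofs, unsigned long len )
{
    while (len)
    {
        const unsigned char *pstr = PRD(ofs, 1);
        unsigned long entry_len;

        if (!pstr)
        {
            printf( " <name table runs past the end of the file>\n" );
            return;
        }
        if (!*pstr) return;  /* terminator */

        entry_len = *pstr + 1 + sizeof(WORD);
        if (entry_len > len || !PRD(ofs, entry_len))
        {
            printf( " <truncated name table entry>\n" );
            return;
        }
        printf( " %4d: %*.*s\n", get_word(pstr + *pstr + 1), *pstr, *pstr,
                (const char *)(pstr + 1) );
        ofs += entry_len;
        len -= entry_len;
    }
}

/*
 * Print the resident and, when present, the non-resident name table.
 *
 * e32_restab is an offset relative to the LE header and no length for that
 * table is read here, so the resident walk is limited only by the end of
 * the file.  e32_nrestab is passed to PRD() as a file offset and the walk of
 * that table is additionally limited to e32_cbnrestab bytes.
 */
static void dump_le_names( const IMAGE_VXD_HEADER *le )
{
    /* PRD(0, 0) is the start of the mapped file; its distance to le is the
     * header's file offset. */
    const unsigned char *file_base = PRD(0, 0);

    printf( "\nResident name table:\n" );
    if (file_base)
        dump_le_name_table( (unsigned long)((const unsigned char *)le - file_base)
                            + le->e32_restab, ~0UL );

    if (le->e32_cbnrestab)
    {
        printf( "\nNon-resident name table:\n" );
        dump_le_name_table( le->e32_nrestab, le->e32_cbnrestab );
    }
}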
/* Placeholder: prints the section heading and a "Not Implemented" line.
 * le is accepted for symmetry with the other dumpers and is not read. */
static void dump_le_resources( const IMAGE_VXD_HEADER *le )
{
    fputs( "\nResources:\n"
           " Not Implemented\n", stdout );
}
/* Placeholder: prints the section heading and a "Not Implemented" line.
 * le is accepted for symmetry with the other dumpers and is not read. */
static void dump_le_modules( const IMAGE_VXD_HEADER *le )
{
    fputs( "\nImported modulename table:\n"
           " Not Implemented\n", stdout );
}
/* Placeholder: prints the section heading and a "Not Implemented" line.
 * le is accepted for symmetry with the other dumpers and is not read. */
static void dump_le_entries( const IMAGE_VXD_HEADER *le )
{
    fputs( "\nEntry table:\n"
           " Not Implemented\n", stdout );
}
/* Placeholder: prints the section heading and a "Not Implemented" line.
 * le is accepted for symmetry with the other dumpers and is not read. */
static void dump_le_fixups( const IMAGE_VXD_HEADER *le )
{
    fputs( "\nFixup table:\n"
           " Not Implemented\n", stdout );
}
/* Placeholder: prints the section heading and a "Not Implemented" line.
 * le is accepted for symmetry with the other dumpers and is not read. */
static void dump_le_VxD( const IMAGE_VXD_HEADER *le )
{
    fputs( "\nVxD descriptor:\n"
           " Not Implemented\n", stdout );
}
295 const IMAGE_DOS_HEADER
*dos
;
296 const IMAGE_VXD_HEADER
*le
;
298 dos
= PRD(0, sizeof(*dos
));
300 le
= PRD(dos
->e_lfanew
, sizeof(*le
));
302 dump_le_header( le
);
303 dump_le_objects( le
);
304 dump_le_resources( le
);
306 dump_le_entries( le
);
307 dump_le_modules( le
);
308 dump_le_fixups( le
);